Pages

Monday, 23 September 2013

The Pains of "Convenient" Internet Banking

Hey all, so some people have been wondering why I wasn't able to post last week. The thing is, I have been busy keeping up with my course and it got a bit too hectic last week. I just wanted to reassure anyone reading this. That I do have a commitment to writing this blog, but things are going to get more complicated coming up to December when I have exams. So please bear with me, if I am not able to post anything for a week. With that done, onto my topic of the week.

So this weekend, I needed to carry out internet banking using my normal methods. This would involve using either a card reader or number generator card. However this time, I found that I had lost/misplaced my number generator card, which is needed to get into my bank account. Now usually one would assume that the bank would provide you with an alternative way of accessing your internet bank account, but in this situation, they had basically forced you to use their generator or nothing at all. And you would need to order another one using their telephone banking system. What followed was an hour of anger and hardship, as I scoured through my notes for all the banking credentials I would need to access my account. Even when I thought I had it all, it seemed like I needed extra details that I had created once ages ago and never looked at again. Finally, when I had successfully logged into my account and gotten hold of a telephone assistant. I was informed that I could get a new generator, but I would have to either wait 5 days for the it to be dispatched or show up at a local branch to obtain a new reader.

Now personally, I think this is ridiculous. There is all this talk of technology making our life easier, but there is no sign whatsoever in this situation of that ease of use. I mean, I understand the need for security, however it is getting ridiculous. Requiring people to have 5 different passwords and 2 recovery words/phrases just for one account. I mean, how are people expected to remember all of this stuff. Now most people adopt a way to coping with this situation by using the same password for multiple accounts and the same applies to their recovery words. But this would make them even more vulnerable than before, as a malicious user would only need to work how to get into one account before they would probably be able to steal one’s identity via the multiple accounts.

I propose that we consider the alternatives available to us currently and some that will be available in the future:

Smartphones

We could use this as form of online verification just like we have bank card readers

It should be used as an alternative to two-step authentication because let's be honest most people would never forget their phone

Also it would mean if you didn't have one at least you would have the other

However, it would be limited to those who have smartphones

Fingerprinting

This could be a similar implementation to what the new iPhone 5s has introduced

If this is implemented by all mobile phone manufacturers could be revolutionary about how we secure important details

Privacy is affected here because most people would not realise that if the data was intercepted someone would be able to easily access their fingerprint so for it to work correctly the implementation would have to be spot on

It is specific to each person as it uses your ECG (electric signal produced by your heart) to individualise your password

It would be harder to crack than passwords

Its ease of use is what really attracts me to this product, but uptake of it needs to be great as in developers need to use to unlock their apps, manufacturers need to implement it to unlock their cars, doors and so on

I'll leave you with a video of what I think could be the future. Till next time all!!